AuthAnvil Windows Credential Provider Install Guide

The AuthAnvil Two Factor Auth Windows Credential Provider offers companies the ability to add strong two-factor authentication to Microsoft’s Windows client and server operating systems. It provides a simple and consistent logon experience no matter if they logon at the local desktop or through a terminal session. And it offers identity assurance by requiring users to provide their AuthAnvil Two Factor Auth passcode during the logon process.

Supported Platforms

The AuthAnvil Two Factor Auth Windows Credential Provider is available for the following platforms:

Windows Server 2008, 2008 R2, 2012, 2012 Essentials, 2012 R2

Small Business Server 2008, 2011

Small Business Server Essentials 2011

Essential Business Server 2008

Vista, Windows 7 and Windows 8, Windows 8.1

Windows 2008, 2008 R2 and 2012 Terminal Server

Windows Server 2008 R2 Core

Hyper-V Server 2008

Note: This agent does not support Windows 10.

Prerequisites

The following software must be installed before the Windows Credential Provider can be installed.

Note: These must be installed manually on 64-bit machines before installing the Windows Credential Provider as there is no prerequisite checking available. Installing the Windows Credential Provider without the prerequisites installed will leave the machine unable to successfully log in, and require the Credential Provider to be removed using the Emergency Uninstall Procedure

.NET Framework 2.0 or later (Not required for Server Core and Hyper-V)

Set the Override Group and Override password.Note: This Override Group will need to be manually created in Active Directory or locally for stand alone machines.Note: Always set an override Password to prevent errors during installation and testing. This password can be changed later as well.

Select Next once the Override settings are set.

Select Install to complete the setup.

Once the user is logged out you should now see a Windows credential provider prompt including an AuthAnvil passcode prompt.

Testing functionality

When the user logs into a Windows Desktop locally or remotely they will see the following.

The AuthAnvil Passcode consists of a Pin+OTP.

Note: Users will need to enter a four digit pin here as well as the One Time Password.For the Pin your users will use Pin: 1234The actual Pin requirement was a hold over from the old On-Prem configuration. On-Demand does not use the Pin, however it respects the value being submitted.

Note: Offline caching mode is currently not compatible with AuthAnvil On-Demand user accounts.